Hello.
I am new to the Thwack forums. We have just installed Orion NCM, and we are using it to monitor < 50 Cisco devices. We are using Syslog to monitor those devices, and I have a few questions.
Apologies in advance if there are resources I should otherwise be using to answer these questions, and thanks for any help or assistance you can offer. If there are other resources or knowledgebase articles I haven't found yet, I would be grateful for any links.
My questions:
1. We used to use Kiwi Syslogger before it was purchased by Solarwinds and made a part of the NCM suite.
The Syslog database used to be a flat file that was easy to back up, but according to my reading, the Syslogger database is now part of the SQL database maintained by Orion.
Is this correct?
2. What is the best way to retain old syslogs using the NCM SQL database?
I have been asked to configure the Syslog database to keep logs for 365 days. I am quickly finding out that this is not feasible, as I haven't even added all of our firewalls to the Syslog server, but I'm getting notices such as, "Syslog reached 2450674 rows, which is above warning threshold of 1000000. For more information, see SolarWinds Knowledge Base."
The KB article gives instructions on trimming the database. But what if I want to keep the database and either offload old entries or put limits on the information collected so that longterm monitoring and storage is possible?
Is there a way to tune Syslogger so that the out-of-the-box settings retain less unimportant information? Or is it best practice to somehow save older database entries for review later if needed?
3. How do you set the NCM database for remote connectivity?
When I try to use SQL studio to reach the database I can't. The credentials work when I log in locally, but not when I attempt to reach the database using SQL Studio from another computer.lo